@saltcorn/server 0.8.0-beta.0 → 0.8.0-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/auth/admin.js +197 -46
- package/auth/roleadmin.js +5 -23
- package/locales/de.json +1049 -273
- package/locales/en.json +15 -3
- package/locales/it.json +6 -1
- package/locales/ru.json +14 -4
- package/markup/admin.js +6 -4
- package/package.json +8 -8
- package/public/blockly.js +19 -31
- package/routes/actions.js +1 -13
- package/routes/delete.js +6 -5
- package/routes/edit.js +5 -10
- package/routes/fields.js +60 -29
- package/routes/list.js +8 -9
- package/routes/tables.js +5 -9
- package/routes/tenant.js +67 -65
- package/routes/view.js +3 -3
- package/routes/viewedit.js +46 -57
- package/tests/admin.test.js +4 -2
- package/tests/fields.test.js +1 -0
- package/tests/tenant.test.js +8 -0
- package/tests/viewedit.test.js +15 -1
package/auth/admin.js
CHANGED
|
@@ -5,9 +5,6 @@
|
|
|
5
5
|
* @subcategory auth
|
|
6
6
|
*/
|
|
7
7
|
// todo refactor to few modules + rename to be in sync with router url
|
|
8
|
-
/**
|
|
9
|
-
* @type {module:express-promise-router}
|
|
10
|
-
*/
|
|
11
8
|
const Router = require("express-promise-router");
|
|
12
9
|
const { contract, is } = require("contractis");
|
|
13
10
|
|
|
@@ -24,10 +21,10 @@ const {
|
|
|
24
21
|
settingsDropdown,
|
|
25
22
|
post_dropdown_item,
|
|
26
23
|
} = require("@saltcorn/markup");
|
|
27
|
-
const { isAdmin,
|
|
24
|
+
const { isAdmin, error_catcher } = require("../routes/utils");
|
|
28
25
|
const { send_reset_email } = require("./resetpw");
|
|
29
26
|
const { getState } = require("@saltcorn/data/db/state");
|
|
30
|
-
const { a, div,
|
|
27
|
+
const { a, div, span, code, h5, i, p } = require("@saltcorn/markup/tags");
|
|
31
28
|
const Table = require("@saltcorn/data/models/table");
|
|
32
29
|
const {
|
|
33
30
|
send_users_page,
|
|
@@ -217,6 +214,7 @@ const user_dropdown = (user, req, can_reset) =>
|
|
|
217
214
|
]);
|
|
218
215
|
|
|
219
216
|
/**
|
|
217
|
+
* Users List (HTTP Get)
|
|
220
218
|
* @name get
|
|
221
219
|
* @function
|
|
222
220
|
* @memberof module:auth/admin~auth/adminRouter
|
|
@@ -227,8 +225,8 @@ router.get(
|
|
|
227
225
|
error_catcher(async (req, res) => {
|
|
228
226
|
const users = await User.find({}, { orderBy: "id" });
|
|
229
227
|
const roles = await User.get_roles();
|
|
230
|
-
|
|
231
|
-
roles.forEach(
|
|
228
|
+
let roleMap = {};
|
|
229
|
+
roles.forEach(r => {
|
|
232
230
|
roleMap[r.id] = r.role;
|
|
233
231
|
});
|
|
234
232
|
const can_reset = getState().getConfig("smtp_host", "") !== "";
|
|
@@ -305,37 +303,67 @@ router.get(
|
|
|
305
303
|
);
|
|
306
304
|
|
|
307
305
|
/**
|
|
308
|
-
*
|
|
306
|
+
* Authentication Setting Form
|
|
307
|
+
* @param {object} req
|
|
308
|
+
* @returns {Form}
|
|
309
|
+
*/
|
|
310
|
+
const auth_settings_form = async (req) =>
|
|
311
|
+
await config_fields_form({
|
|
312
|
+
req,
|
|
313
|
+
field_names: [
|
|
314
|
+
"allow_signup",
|
|
315
|
+
"login_menu",
|
|
316
|
+
"allow_forgot",
|
|
317
|
+
"new_user_form",
|
|
318
|
+
"login_form",
|
|
319
|
+
"signup_form",
|
|
320
|
+
"user_settings_form",
|
|
321
|
+
"verification_view",
|
|
322
|
+
"elevate_verified",
|
|
323
|
+
"email_mask",
|
|
324
|
+
],
|
|
325
|
+
action: "/useradmin/settings",
|
|
326
|
+
submitLabel: req.__("Save"),
|
|
327
|
+
});
|
|
328
|
+
|
|
329
|
+
/**
|
|
330
|
+
* HTTP Settings Form
|
|
309
331
|
* @param {object} req
|
|
310
332
|
* @returns {Form}
|
|
311
333
|
*/
|
|
312
|
-
const
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
|
|
323
|
-
|
|
324
|
-
|
|
325
|
-
|
|
326
|
-
"timeout",
|
|
327
|
-
"email_mask",
|
|
328
|
-
"allow_forgot",
|
|
329
|
-
"cookie_duration",
|
|
330
|
-
"cookie_duration_remember",
|
|
331
|
-
"cookie_sessions",
|
|
332
|
-
"custom_http_headers",
|
|
333
|
-
],
|
|
334
|
-
action: "/useradmin/settings",
|
|
335
|
-
submitLabel: req.__("Save"),
|
|
336
|
-
});
|
|
334
|
+
const http_settings_form = async (req) =>
|
|
335
|
+
await config_fields_form({
|
|
336
|
+
req,
|
|
337
|
+
field_names: [
|
|
338
|
+
"timeout",
|
|
339
|
+
"cookie_duration",
|
|
340
|
+
"cookie_duration_remember",
|
|
341
|
+
"cookie_sessions",
|
|
342
|
+
"custom_http_headers",
|
|
343
|
+
],
|
|
344
|
+
action: "/useradmin/http",
|
|
345
|
+
submitLabel: req.__("Save"),
|
|
346
|
+
});
|
|
347
|
+
|
|
337
348
|
|
|
338
349
|
/**
|
|
350
|
+
* Permissions Setting Form
|
|
351
|
+
* @param {object} req
|
|
352
|
+
* @returns {Form}
|
|
353
|
+
*/
|
|
354
|
+
const permissions_settings_form = async (req) =>
|
|
355
|
+
await config_fields_form({
|
|
356
|
+
req,
|
|
357
|
+
field_names: [
|
|
358
|
+
"min_role_upload",
|
|
359
|
+
"min_role_apikeygen",
|
|
360
|
+
],
|
|
361
|
+
action: "/useradmin/permissions",
|
|
362
|
+
submitLabel: req.__("Save"),
|
|
363
|
+
});
|
|
364
|
+
|
|
365
|
+
/**
|
|
366
|
+
* HTTP GET for /useradmin/settings
|
|
339
367
|
* @name get/settings
|
|
340
368
|
* @function
|
|
341
369
|
* @memberof module:auth/admin~auth/adminRouter
|
|
@@ -344,7 +372,7 @@ router.get(
|
|
|
344
372
|
"/settings",
|
|
345
373
|
isAdmin,
|
|
346
374
|
error_catcher(async (req, res) => {
|
|
347
|
-
const form = await
|
|
375
|
+
const form = await auth_settings_form(req);
|
|
348
376
|
send_users_page({
|
|
349
377
|
res,
|
|
350
378
|
req,
|
|
@@ -359,6 +387,7 @@ router.get(
|
|
|
359
387
|
);
|
|
360
388
|
|
|
361
389
|
/**
|
|
390
|
+
* HTTP POST for /useradmin/settings
|
|
362
391
|
* @name post/settings
|
|
363
392
|
* @function
|
|
364
393
|
* @memberof module:auth/admin~auth/adminRouter
|
|
@@ -367,7 +396,7 @@ router.post(
|
|
|
367
396
|
"/settings",
|
|
368
397
|
isAdmin,
|
|
369
398
|
error_catcher(async (req, res) => {
|
|
370
|
-
const form = await
|
|
399
|
+
const form = await auth_settings_form(req);
|
|
371
400
|
form.validate(req.body);
|
|
372
401
|
if (form.hasErrors) {
|
|
373
402
|
send_users_page({
|
|
@@ -382,7 +411,7 @@ router.post(
|
|
|
382
411
|
});
|
|
383
412
|
} else {
|
|
384
413
|
await save_config_from_form(form);
|
|
385
|
-
req.flash("success", req.__("
|
|
414
|
+
req.flash("success", req.__("Authentication settings updated"));
|
|
386
415
|
if (!req.xhr) res.redirect("/useradmin/settings");
|
|
387
416
|
else res.json({ success: "ok" });
|
|
388
417
|
}
|
|
@@ -390,6 +419,119 @@ router.post(
|
|
|
390
419
|
);
|
|
391
420
|
|
|
392
421
|
/**
|
|
422
|
+
* HTTP GET for /useradmin/http
|
|
423
|
+
* @name get/settings
|
|
424
|
+
* @function
|
|
425
|
+
* @memberof module:auth/admin~auth/adminRouter
|
|
426
|
+
*/
|
|
427
|
+
router.get(
|
|
428
|
+
"/http",
|
|
429
|
+
isAdmin,
|
|
430
|
+
error_catcher(async (req, res) => {
|
|
431
|
+
const form = await http_settings_form(req);
|
|
432
|
+
send_users_page({
|
|
433
|
+
res,
|
|
434
|
+
req,
|
|
435
|
+
active_sub: "HTTP",
|
|
436
|
+
contents: {
|
|
437
|
+
type: "card",
|
|
438
|
+
title: req.__("HTTP settings"),
|
|
439
|
+
contents: [renderForm(form, req.csrfToken())],
|
|
440
|
+
},
|
|
441
|
+
});
|
|
442
|
+
})
|
|
443
|
+
);
|
|
444
|
+
|
|
445
|
+
/**
|
|
446
|
+
* HTTP POST for /useradmin/http
|
|
447
|
+
* @name post/settings
|
|
448
|
+
* @function
|
|
449
|
+
* @memberof module:auth/admin~auth/adminRouter
|
|
450
|
+
*/
|
|
451
|
+
router.post(
|
|
452
|
+
"/http",
|
|
453
|
+
isAdmin,
|
|
454
|
+
error_catcher(async (req, res) => {
|
|
455
|
+
const form = await http_settings_form(req);
|
|
456
|
+
form.validate(req.body);
|
|
457
|
+
if (form.hasErrors) {
|
|
458
|
+
send_users_page({
|
|
459
|
+
res,
|
|
460
|
+
req,
|
|
461
|
+
active_sub: "HTTP",
|
|
462
|
+
contents: {
|
|
463
|
+
type: "card",
|
|
464
|
+
title: req.__("HTTP settings"),
|
|
465
|
+
contents: [renderForm(form, req.csrfToken())],
|
|
466
|
+
},
|
|
467
|
+
});
|
|
468
|
+
} else {
|
|
469
|
+
await save_config_from_form(form);
|
|
470
|
+
req.flash("success", req.__("HTTP settings updated"));
|
|
471
|
+
if (!req.xhr) res.redirect("/useradmin/http");
|
|
472
|
+
else res.json({ success: "ok" });
|
|
473
|
+
}
|
|
474
|
+
})
|
|
475
|
+
);
|
|
476
|
+
|
|
477
|
+
/**
|
|
478
|
+
* HTTP GET for /useradmin/permissions
|
|
479
|
+
* @name get/settings
|
|
480
|
+
* @function
|
|
481
|
+
* @memberof module:auth/admin~auth/adminRouter
|
|
482
|
+
*/
|
|
483
|
+
router.get(
|
|
484
|
+
"/permissions",
|
|
485
|
+
isAdmin,
|
|
486
|
+
error_catcher(async (req, res) => {
|
|
487
|
+
const form = await permissions_settings_form(req);
|
|
488
|
+
send_users_page({
|
|
489
|
+
res,
|
|
490
|
+
req,
|
|
491
|
+
active_sub: "Permissions",
|
|
492
|
+
contents: {
|
|
493
|
+
type: "card",
|
|
494
|
+
title: req.__("Permissions settings"),
|
|
495
|
+
contents: [renderForm(form, req.csrfToken())],
|
|
496
|
+
},
|
|
497
|
+
});
|
|
498
|
+
})
|
|
499
|
+
);
|
|
500
|
+
|
|
501
|
+
/**
|
|
502
|
+
* HTTP POST for /useradmin/permissions
|
|
503
|
+
* @name post/settings
|
|
504
|
+
* @function
|
|
505
|
+
* @memberof module:auth/admin~auth/adminRouter
|
|
506
|
+
*/
|
|
507
|
+
router.post(
|
|
508
|
+
"/permissions",
|
|
509
|
+
isAdmin,
|
|
510
|
+
error_catcher(async (req, res) => {
|
|
511
|
+
const form = await permissions_settings_form(req);
|
|
512
|
+
form.validate(req.body);
|
|
513
|
+
if (form.hasErrors) {
|
|
514
|
+
send_users_page({
|
|
515
|
+
res,
|
|
516
|
+
req,
|
|
517
|
+
active_sub: "Permissions",
|
|
518
|
+
contents: {
|
|
519
|
+
type: "card",
|
|
520
|
+
title: req.__("Permissions settings"),
|
|
521
|
+
contents: [renderForm(form, req.csrfToken())],
|
|
522
|
+
},
|
|
523
|
+
});
|
|
524
|
+
} else {
|
|
525
|
+
await save_config_from_form(form);
|
|
526
|
+
req.flash("success", req.__("Permissions settings updated"));
|
|
527
|
+
if (!req.xhr) res.redirect("/useradmin/permissions");
|
|
528
|
+
else res.json({ success: "ok" });
|
|
529
|
+
}
|
|
530
|
+
})
|
|
531
|
+
);
|
|
532
|
+
|
|
533
|
+
/**
|
|
534
|
+
* HTTP GET for /useradmin/ssl
|
|
393
535
|
* @name get/ssl
|
|
394
536
|
* @function
|
|
395
537
|
* @memberof module:auth/admin~auth/adminRouter
|
|
@@ -510,17 +652,19 @@ router.get(
|
|
|
510
652
|
);
|
|
511
653
|
|
|
512
654
|
/**
|
|
655
|
+
* SSL Setting form
|
|
513
656
|
* @param {object} req
|
|
514
657
|
* @returns {Form}
|
|
515
658
|
*/
|
|
516
|
-
const ssl_form = (req) =>
|
|
517
|
-
|
|
518
|
-
|
|
519
|
-
|
|
520
|
-
|
|
521
|
-
|
|
659
|
+
const ssl_form = async (req) =>
|
|
660
|
+
await config_fields_form({
|
|
661
|
+
req,
|
|
662
|
+
field_names: ["custom_ssl_certificate", "custom_ssl_private_key"],
|
|
663
|
+
action: "/useradmin/ssl/custom",
|
|
664
|
+
});
|
|
522
665
|
|
|
523
666
|
/**
|
|
667
|
+
* HTTP GET for /useradmin/ssl/custom
|
|
524
668
|
* @name get/ssl/custom
|
|
525
669
|
* @function
|
|
526
670
|
* @memberof module:auth/admin~auth/adminRouter
|
|
@@ -545,6 +689,7 @@ router.get(
|
|
|
545
689
|
);
|
|
546
690
|
|
|
547
691
|
/**
|
|
692
|
+
* HTTP POST for /useradmin/ssl/custom
|
|
548
693
|
* @name post/ssl/custom
|
|
549
694
|
* @function
|
|
550
695
|
* @memberof module:auth/admin~auth/adminRouter
|
|
@@ -583,6 +728,7 @@ router.post(
|
|
|
583
728
|
);
|
|
584
729
|
|
|
585
730
|
/**
|
|
731
|
+
* HTTP GET for /useradmin/table-access
|
|
586
732
|
* @name get/ssl/custom
|
|
587
733
|
* @function
|
|
588
734
|
* @memberof module:auth/admin~auth/adminRouter
|
|
@@ -806,7 +952,7 @@ router.post(
|
|
|
806
952
|
role_id: +role_id,
|
|
807
953
|
...rest,
|
|
808
954
|
});
|
|
809
|
-
// refactored to catch user errors
|
|
955
|
+
// refactored to catch user errors and stop processing if any errors
|
|
810
956
|
if (u.error) {
|
|
811
957
|
req.flash("error", u.error); // todo change to prompt near field like done for views
|
|
812
958
|
// todo return to create user form
|
|
@@ -826,7 +972,7 @@ router.post(
|
|
|
826
972
|
);
|
|
827
973
|
|
|
828
974
|
/**
|
|
829
|
-
* Reset password for
|
|
975
|
+
* Reset password for user
|
|
830
976
|
* @name post/reset-password/:id
|
|
831
977
|
* @function
|
|
832
978
|
* @memberof module:auth/admin~auth/adminRouter
|
|
@@ -856,8 +1002,13 @@ router.post(
|
|
|
856
1002
|
error_catcher(async (req, res) => {
|
|
857
1003
|
const { id } = req.params;
|
|
858
1004
|
const u = await User.findOne({ id });
|
|
859
|
-
|
|
860
|
-
|
|
1005
|
+
// todo add test case
|
|
1006
|
+
const result = await send_verification_email(u, req);
|
|
1007
|
+
if (result.error)
|
|
1008
|
+
req.flash(
|
|
1009
|
+
"danger",
|
|
1010
|
+
req.__(`Verification email sender error:`, result.error)
|
|
1011
|
+
);
|
|
861
1012
|
else
|
|
862
1013
|
req.flash(
|
|
863
1014
|
"success",
|
package/auth/roleadmin.js
CHANGED
|
@@ -4,45 +4,27 @@
|
|
|
4
4
|
* @subcategory auth
|
|
5
5
|
*/
|
|
6
6
|
const Router = require("express-promise-router");
|
|
7
|
-
const { contract, is } = require("contractis");
|
|
8
7
|
|
|
9
|
-
const db = require("@saltcorn/data/db");
|
|
8
|
+
//const db = require("@saltcorn/data/db");
|
|
10
9
|
const User = require("@saltcorn/data/models/user");
|
|
11
10
|
const Role = require("@saltcorn/data/models/role");
|
|
12
|
-
const Field = require("@saltcorn/data/models/field");
|
|
13
11
|
const Form = require("@saltcorn/data/models/form");
|
|
14
12
|
const {
|
|
15
13
|
mkTable,
|
|
16
14
|
renderForm,
|
|
17
15
|
link,
|
|
18
|
-
post_btn,
|
|
19
|
-
settingsDropdown,
|
|
20
|
-
post_dropdown_item,
|
|
21
16
|
post_delete_btn,
|
|
22
17
|
} = require("@saltcorn/markup");
|
|
23
18
|
const { isAdmin, error_catcher, csrfField } = require("../routes/utils");
|
|
24
|
-
const { send_reset_email } = require("./resetpw");
|
|
25
19
|
const { getState } = require("@saltcorn/data/db/state");
|
|
26
20
|
const {
|
|
27
|
-
a,
|
|
28
|
-
div,
|
|
29
|
-
button,
|
|
30
21
|
text,
|
|
31
|
-
span,
|
|
32
|
-
code,
|
|
33
22
|
form,
|
|
34
23
|
option,
|
|
35
24
|
select,
|
|
36
|
-
br,
|
|
37
|
-
h4,
|
|
38
|
-
h5,
|
|
39
|
-
p,
|
|
40
25
|
} = require("@saltcorn/markup/tags");
|
|
41
|
-
const Table = require("@saltcorn/data/models/table");
|
|
42
26
|
const {
|
|
43
27
|
send_users_page,
|
|
44
|
-
config_fields_form,
|
|
45
|
-
save_config_from_form,
|
|
46
28
|
} = require("../markup/admin");
|
|
47
29
|
|
|
48
30
|
/**
|
|
@@ -77,7 +59,7 @@ const editRoleLayoutForm = (role, layouts, layout_by_role, req) =>
|
|
|
77
59
|
value: layout,
|
|
78
60
|
...((layout_by_role[role.id]
|
|
79
61
|
? layout_by_role[role.id] === layout
|
|
80
|
-
: ix
|
|
62
|
+
: ix === layouts.length - 1) && { selected: true }),
|
|
81
63
|
},
|
|
82
64
|
text(layout)
|
|
83
65
|
)
|
|
@@ -86,9 +68,9 @@ const editRoleLayoutForm = (role, layouts, layout_by_role, req) =>
|
|
|
86
68
|
);
|
|
87
69
|
|
|
88
70
|
/**
|
|
71
|
+
*
|
|
89
72
|
* @param {Role} role
|
|
90
|
-
* @param
|
|
91
|
-
* @param {*} layout_by_role
|
|
73
|
+
* @param twofa_policy_by_role
|
|
92
74
|
* @param {object} req
|
|
93
75
|
* @returns {Form}
|
|
94
76
|
*/
|
|
@@ -139,7 +121,7 @@ router.get(
|
|
|
139
121
|
isAdmin,
|
|
140
122
|
error_catcher(async (req, res) => {
|
|
141
123
|
const roles = await User.get_roles();
|
|
142
|
-
|
|
124
|
+
let roleMap = {};
|
|
143
125
|
roles.forEach((r) => {
|
|
144
126
|
roleMap[r.id] = r.role;
|
|
145
127
|
});
|